I really struggled with verifying signing secrets on Slack so I decided to post on how to do it yourself if you’re working with the Slack API at all. This goes over some gotchas including Gregorian to UNIX timestamps, HMAC cryptography, and more:

https://userinterfacing.com/verifying-request-signatures-in-elixir-phoenix/